WinGate Forums

[garaytm]

Just upgraded our production WinGate machine from 5.0.x to 5.2.2

Everything seems ok except a couple of ENS options no longer work or work correctly.

The second item that doesn't work correctly anymore is the blocking of Port 80 in NAT.

I used to block port 80 TCP on connections to the Internet. I did that so that someone couldn't come in, connect to the network, set the WinGate machine as the gateway and surf the web unmonitored. NAT logs are not like the WWW Proxy logs in which you can tell (easily) where someone surfed.

The NAT works great for pinging Internet clients and other utility options but I want to force everyone to use the WWW Proxy so their activity is well logged.

It has worked great in v5.0.x but now in v5.2.2, blocking port 80 TCP connections to the Internet also blocks the WWW Proxy. Not sure how or why. Just know that after I upgraded, no clients could surf using IE. I changed the "Deny" to "Allow" on that ENS Port Security entry and then activity worked fine. When it was set to "Deny", entries were being logged as such in the firewall logs.

What changed?? Is there another way to do what I am trying to do?

Thanks!

[Pascal]

Don't block the port, but switch on "Redirect ENS/WGIC connections" on the Sessions tab in the WWW Proxy Service.

That way, all clients who try to NAT will be pushed up through the proxy, giving you full control over policies, logging and allowing you to apply plugins should you wish to.